Skype spying on you in Russia, China and who knows where else?

May 23 2013 :: by Alex

Russian newspaper "Vedomosti" - a reputable Russian periodical co-founded by Dow Jones, The Financial Times and The Wall Street Journal - has reported that both the national security agency and the police are able to tap Skype conversations without even filing a court order.

Since I'm originally from Russia, I will translate the article for you:

03/14/2013

"Russian security services can tap Skype conversations. According to major IT-security players, the national security agencies including both FSB (Russian abbreviation for "Federal Security Service") and the police have been able to monitor Skype conversations and track user locations "for a couple of years now", says "IB-Group" CEO Ilia Sachkov - "This is exactly why our employees are not allowed to discuss any business matter on Skype".

"Since its acquisition of Skype in May 2011, Microsoft has added a legitimate monitoring technology to the tool", says newspaper's undisclosed source in Kremlin. "Now any user can be switched to a special mode where the encryption keys are generated on a server rather than on the user's phone or computer". Microsoft has been providing this technology to security services across the world, including Russia.

The two information security experts interviewed by the newspaper claim that access to Skype conversations is often granted to the secret service without even a court order. Sometimes it is simply provided "upon request". The newspaper's source in the Interior Ministry (simply put - the police) confirms that monitoring Skype users is not a complex task for a law enforcement agent in Russia.

The official representatives of the Interior Ministry and the Federal Security Service have refused to comment.

The newspaper has also interviewed two Russian entrepreneurs, who had to move to London (UK) because of the pressure from the authorities - and they have also confirmed that Skype can be intercepted: "Skype was invincible back in 2009, but it's not any more"

It's been discovered that some web-bot with a Redmond IP-address crawls all https-links you post into a Skype conversation (here's the source translated from German).

Jeffrey Nokel from the University of New Mexico has discovered that the Chinese installer even comes with a keylogger that "listens" to some specific "bad" words and combinations and sends them to the secret service later...